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REMARKS/ARGUMENTS 

1.) Claim Amendments 

Claims 1-30 are pending in the application. Favorable reconsideration of the 
application is respectfully requested In view of the foregoing anriendments and the 
following remarks. 



2.) Claim Rejections ~ 35 U.S.C. § 102(b) 

Claims 1-30 stand rejected under 36 U.S.C, 102(b) as being anticipated by 
Epstein, et ai. (U.S. Patent No. 6,023,510) {"Epstein"), Applicant respectfully traverses 
the rejection of claims 1-30. 

For a rejection under 35 U.S.C. § 102 to be proper, '*|t}he identical invention must 
be shown in as complete detail as is contained in the . . . claim;' and "[t]he elements 
rnust be arranged as required by the claim." Richardson v. Suzuki Motor Co., 868 F,2d 
1226. 1236, 9 U.SP.Q.2d 1913, 1920 (Fed. Cir. 1989); In re Bond, 16 U,.S.P.Q.2d 1566 
(Fed. Cir. 1990); M.P.E.P. §2131 (emphasis added). Epstein fails to disclose the 
subject matter of the rejected claims in as complete detail and as arranged by the 
relevant claims. 



t. Claim 1 

For example, ciaim 1 recites; 

A method for provision of access for a data requesting entity to data 
related to a principal, comprising the following steps; 
creating an access granting ticket comprising 

(a) an access specification specifying a pefmtssion for an 
access to data related to the principal, said data being available at 
a data providing entity, 

(b) a principal identifier representing the principal towards 
the data providing entity, 

- encrypting the access granting ticket with an encryption key of the 
data providing entity, 

- communicating to the data requesting entity the encrypted access 
granting ticket accompanied by an identifier of the data providing entity, 

-communicating from the data requesting entity to the data 
providing entity a request comprising the encrypted access granting ticket, 
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- decrypting the encrypted access granting ticket with a decryption 
key of the data providing entity corresponding to the encryption key, 

~ providing to the data requesting entity access to data refated to 
the principal identifier according to the access specification. 

Epstein fails to recite, expiicitty or inherentiy, every element of daim 1 for at least 

several reasons. First, Epstein fails to disclose "communicating to the data requesting 

entity the encrypted access granting ticket accompanied by an identifier of the data 

providing entity." Second, Epstein fails to disclose "creating an access granting ticket 
comprising . . . (b) a principai identifier representing the principal towards the data 
providing entity." As explained further below, claim 1 is thus allowable for at least these 
reasons. 

a. Epstein fails to disclose "communicating to the data requesting entity the encrypted 
access granting ticket accompanied by an i dentifier o f the data providing entity." 

Claim 1 recites "communicating to the data requesting entity the encrypted 
access granting ticket accompanied by an identifier of the data providing entity." The 
Office Action attempts to equate a user terminal or public terminal described by Epstein 
with the "data requesting entity" recited by claim 1 , and a "query" described by Epstein 
with the "encrypted access granting ticket" recited by claim 1 . See Office Action at pp. 
4-5. However, in attempting to address the above element of claim 1, the Office Action 
cites to a portion of Epstein that describes ''formulating by the user of a query to be sent 
to the orovidsr " Epstein at col. 3, 11. 36-37 (emphasis added). Thus, the query in 
Epstein is formulated by the user and sent to the provider . As a result, the cited 
portion of Epstein does not disclose "communicating to the data requesting entity the 
encrypted access granting ticket accompanied by an identifier of the data providing 
entity" (emphasis added). 

Additionally, the Offtce Action attempts to equate the information provider's public 
key with the "identifier of the data providing entity" recited by claim 1. See Office Action 
at p. 5. However, contrary to the Office Action's assertions, the cited portion of Epstein 
does not indicate that the information provider's public key can be used to identify the 
information provider, only that it can be used to encode the query. Thus, the 
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inofrmatfon provider's public key ts not an "identifier of t!ie data providing entity" as 
recited by claim 1. Consequently, the cited portion of Epstein fails to disclose 
"communicating to the data requesting entity the encrypted access granting ticl<et 
accompanied by an identifier of the data providing entiW (emphasis added) for this 
reason as well 

Furthermore, even if the information provider's public key were an "identifier of 

the data providing entity" as recited by claim 1 , the cited portion of Epstein describes the 
user terminal as transmitting the encoded query to the information provider but does not 
disclose the user terminal transmitting the information providers public key to the 
information provider. Thus, the cited portion of Epstein fails to disclose 
' communicating to the data requesting entity the encrypted access granting ticket 
accompanied by an identifier oftfie data providing entity {emphasis added) for this 
reason as well. Consequentty, for at least several reasons, Epstein fails to disclose 
"communicating to the data requesting entity the encrypted access granting ticket 
accompanied by an identifier of the data providing entity" in as much detail and as 
arranged by clBim 1. 

b. Epstein fails to disclose "creatino an access granting ticket comDrisina . . . fb^ a 
principal ide ntifier representing the principal towards the data providing entity" 

Epstein also fails to disclose "creating an access granting ticket comprising . . . 

(b) a principal identifier representing the phncipal tovi/ards the data providing entity" as 
recited by claim 1. in addressing this element, the Office Action attempts to equate a 
"user public key" and a "user random number" described by Epstein with the "principal 
identifier" recited by claim 1 . In support of this mapping, the Office Action argues that 
"any transformed random number / public key that can uniaueiv identify a user is 

qualified as part of 'principle identifier' of the user " Office Action at p, 4. However. 

even assuming this assertion is correct, the cited portion of Epstein does not indicate 
that either the user public key or the user random number cm uniquely identify the user. 
With respect to the user random number (RN), Epstein indicates that it identifies the 
specific query submitted by the user and/or the corresponding response package (RP) 
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generated by the provider, not the user who submitted the query. See, e.g., Epstein at 
coL 4, l\. 16-18 (" . . . a random number sequence generated by the user for sole use in 
the query package . . ."); coi. 7, \l 20-22 {'The posted response package RP is found by 
the associated random number sequence RN . . .") With respect to the user public key, 
Epstein indicates only that the user's public key is used to "encrypt the symmetric key 
SymK-info ... to form a second part of response package RP," Epstein at col. 7, 4-6. 
Indeed, as Applicant previously noted, Epstein repeatediy stresses that the query is 
intended to be anonymous. See, e.g., Epstein at coi. 2, II. 9-11. Thus, neither the user 
random number nor the user public key identify the user as alleged by the Office Action. 
Consequently, even under the mapping of the Office Action, Epst&in fails to disciose 
"creating an access granting ticket comprising . . . (b) a principal identifier representing 
the orincioal towards the data providing entity " as recited by claim 1. 

As a result, Epstein fails to recite every element of claim 1 in as much detail and 
as arranged by claim 1 for at least these reasons. Although of differing scope from 
claim 1, claims 12 and 28 include elements that are not disclosed by Epstein for at least 
reasons analogous to those discussed with respect to claim 1. Claims 1, 12, and 28 are 
thus allowable for at least these reasons. Applicant respectfully requests 
reconsideration and allowance of Claims 1,12, and 28, and their respective dependent 
claims. 

H. Claim 19 

The Office Action improperly rejects claims 19 and 29 based on the language of 
claim 1. Claim 19, however, differs in wording from claim 1. Applicant respectfully 
notes that "|a)!l words in a claim must be considered in Judging the patentability of that 
claim against the prior art." M.P.E.P. § 2143.03 (citing In re Wilson, 424 F.2d 1382, 166 
U.SP.Q. 494, 496 (C.CP,A. 1970)). The Office Action completely fails to address 
elements recited by claim 1 9 such as "the receiving unit , , . to receive a further 
encrypted access granting tickBt for provision of access to further data related to the 
principal, said further data being avaUable at a further data providing entity '* 
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(emphasis added) and "the processing unit generates a first request . . . and a further 
reQuesf (emphasis added), and Epstein talis to disclose these eSements, 

As a result, Epstein fails to recite every element of clairD 19 in as much detail and 
as arranged by claim 19 for at least these reasons. Although of differing scope from 
claim 19, claim 29 includes elements that are not disclosed by Epstein at least for 
analogous reasons to those discussed with respect to claim 19, Claims 19 and 29 are 
thus allowable for at least these reasons. Applicant respecffuily requests 
reconsideration and allowance of Claims 19 and 29, and their respective dependent 
claims. 

iV. Claim 22 

Although of differing scope from claim 1 , claim 22 includes elements that are not 
disclosed by Epstein at least for analogous reasons to those discussed with respect to 
claim 1 . For exampie, Epstein fails to disclose a receiving unit "wherein the receiving 
unit receives a request from a data requesting entity, the request comprising . . . a 
prmcmal identifier representing the ormcioat towards the data orovictma entiW 
{emphasis added) as recited by claim 22. 

As a result, Epstein fails to recite every element of claim 22 in as much detail and 
as an-anged by claim 22 for at least these reasons. Although of differing scope from 
claim 22, claim 30 includes elements that are not disclosed by Epstein for at least 
reasons analogous to those discussed with respect to claim 22. Claims 22 and 30 are 
thus allowable for at least these reasons. Applicant respectfully requests 
reconsideration and allowance of Claims 22 and 30, and their respective dependent 
claims. 
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CONCLUSiON 

In view of the foregoing remarks, the Appiicant believes all of the claims currently 
pending in the Application to be in a condition for allowance. The Applicant, therefore, 
respectfully requests that the Examiner withdraw al! reiections and issue a Notice of 
Allowance for all pending claims. 

The Applicant requests a telephonic interview if the Examiner has any questions 
or requires any additional information that would further or expedite the prosecution of 
the Application. 
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